Tech Support Guy banner
  • IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Status
Not open for further replies.

pop ups and hijacking my browser. please help

711 views 0 replies 1 participant last post by  rob0107 
#1 ·
One of those bundled program items found it way into my system. It is hijacking my browser and constantly trying to download programs to my system. I have manually removed obvious ones using uninstall programs. I have also downloaded and ran ADWCleaner and have ran it twice and cleaned after each one. Computer is running really slow and it is obviously still corrupted. Please help me find and remove these. I need my computer back asap. I did my best to read and follow the newbie instructions but is hard with all the pop ups and redirects. ADWCleaner reports are below. Thank you.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: AMD Turion(tm) 64 Mobile Technology MT-30, x86 Family 15 Model 36 Stepping 2
Processor Count: 1
RAM: 1151 Mb
Graphics Card: ATI RADEON XPRESS 200M Series, 128 Mb
Hard Drives: C: Total - 76308 MB, Free - 64122 MB;
Motherboard: To be filled by O.E.M., To be filled by O.E.M.
Antivirus: Microsoft Security Essentials, Updated: Yes, On-Demand Scanner: Enabled

# AdwCleaner v3.022 - Report created 02/01/2015 at 19:25:50
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc

***** [ Files / Folders ] *****

File Found : C:\END
Folder Found C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Folder Found C:\Documents and Settings\Robert\Application Data\AnyProtectEx
Folder Found C:\Documents and Settings\Robert\Local Settings\Application Data\SearchProtect
Folder Found C:\Documents and Settings\Robert\My Documents\Optimizer Pro
Folder Found C:\Program Files\AnyProtectEx
Folder Found C:\Program Files\predm
Folder Found C:\Program Files\SearchProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Crossrider
Key Found : HKCU\Software\DynConIE
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\TutoTag
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\Crossrider
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3332410&octid=EB_ORIGINAL_CTID&ISID=IA1B98AA0-21C4-4F82-B1CB-48B03217D820&SearchSource=55&CUI=&UM=8&UP=SPEFFF6703-78A4-449D-BE30-D913B07F9396&SSPV=

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : suggest_url
Found : keyword

*************************

AdwCleaner[R0].txt - [2819 octets] - [02/01/2015 19:25:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2879 octets] ##########

# AdwCleaner v3.022 - Report created 02/01/2015 at 20:33:33
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Tutorials
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[R1].txt - [1000 octets] - [02/01/2015 20:33:33]
AdwCleaner[S0].txt - [2858 octets] - [02/01/2015 19:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1120 octets] ##########

# AdwCleaner v3.022 - Report created 02/01/2015 at 19:27:53
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Clean

***** [ Services ] *****

Service Deleted : CltMngSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\AnyProtectEx
Folder Deleted : C:\Program Files\predm
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Documents and Settings\LocalService\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Robert\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Robert\Application Data\AnyProtectEx
Folder Deleted : C:\Documents and Settings\Robert\My Documents\Optimizer Pro
File Deleted : C:\END

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Crossrider
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SearchProtect\SearchProtect\bin\VC32Loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[S0].txt - [2718 octets] - [02/01/2015 19:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2778 octets] ##########

# AdwCleaner v3.022 - Report created 02/01/2015 at 20:34:32
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robert - ROBERT-5591AD21
# Running from : C:\Documents and Settings\Robert\My Documents\Downloads\AdwCleaner Setup [1].exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKLM\Software\Tutorials

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v39.0.2171.95

[ File : C:\Documents and Settings\Robert\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2959 octets] - [02/01/2015 19:25:50]
AdwCleaner[R1].txt - [1200 octets] - [02/01/2015 20:33:33]
AdwCleaner[S0].txt - [2858 octets] - [02/01/2015 19:27:53]
AdwCleaner[S1].txt - [1129 octets] - [02/01/2015 20:34:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1189 octets] ##########
 
See less See more
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top